Hapless municipal bosses in San Francisco have been locked out of their network by a disgruntled sysadmin charged with computer sabotage.
Terry Childs, 43 and of Pittsburg, California, was held on remand over the weekend pending the outcome of committal proceedings (an arraignment) on Tuesday where he faces four counts of …

COMMENTS

Page:

Get the vendor there.

If they paid multiple millions of dollars, even as devalued as the dollar is right now, the vendor should be happy to send an engineer over to pop the cork on these systems. It should be easy for someone familiar enough with the systems who has physical access.

San Fookedcisco

San Fran is about to be the cracking hot-spot of the world, how many are going to be moving their target sights over to that city right now.

With people trying to open access left right and center, there will be other cracks for people to slip in, and trojan the system. And it is right next door to silicon valley, that is a coup for any cracker worth his salt, the proximity and the side effect hacks that would be made possible are pretty tempting.

The firing looks politically motivated not performance related, are they saying his performance was so bad he couldn't pull of a stunt like this?

And who is to say the access codes he gave were not the right ones as he knew it, and the system is not already hijacked. As the dust starts to settle the damages on this one are going to be colossal.

One does sort of 'root' for the underdog, but unless he has a cunning and devious plan up his sleeve, he is in for some rough treatment.

Sysadmin is an ironic position

Its kinda wierd being a DBA or sysadmin. If you HAVE done your job properly, you should be sitting back and reading the paper. That means the systems are running properly and you aren't running around putting out fires and fixing problems. You are retained for your experience and ability to plan upgrades or recover from disasters, not to be constantly busy. It isn't terribly clear in what way he was a poor performer, or was it that someone objected to his salary?

Can't be used as a BOFH story...

Once a BOFH, always a BOFH

Has anyone even bothered to lift the keyboard up and look underneath it? That's where you usually find the post-it pad with all the required passwords on. Or, they could just try P@55w0rd , guaranteed to unlock most companies' networks....

locked-out

RE: Sysadmin is an ironic position

Interesting point in that I wonder if this is all a stunt by him to prove (now to prove in court) that he was in fact doing his job, and he was well qualified for it; albeit in this case now he is a criminal, vandal, and saboteur.

I have found that many logical and genuinely smart people are completely and hopelessly socially inept.

It's San Fran ...

More federal BS

Bullshit. Millions of dollars, my arse.

The only reason they're bumping up the supposed damages is down to the fact that they want to turn it into a federal case. If I remember correctly I don't think the feds will get involved unless the damages involved are over $50,000 for each occurance. I'm sorry, but refusing to hand over the admin password for a router doesn't cost $50 grand to fix in anybody's book - even via the "think of a number and double it, and add 20% contingency" style contracts the US government uses.

In any case, what kind of dumb-ass management allows a single administrator complete access to the entire network. Should be using centralised access based on securID or RADIUS anyway. While you're at it guys, sack the clearly neglegent operations manager.

I think ...

A cunning plan.

"One does sort of 'root' for the underdog, but unless he has a cunning and devious plan up his sleeve, he is in for some rough treatment."

The best cunning plans involve not getting caught. Failing that technique, we can at least hope he was devious enough -and his employers stupid enough, to fall into a trap he set that will exonerate him by wiping all the evidence, or changing it enough to make the case fail.

I find it hard to imagine politicians and civil servants being cluebatted up enough to cope with that.

sitting back and waiting

interesting POV Damian. if you've done your job properly you can just sit back and wait for other things to come along. yes. no firefighting etc. but you can be sure that if you ARE in that position, then the PHB will ensure that LOTS of other work DOES

come your way - after all, you're good and can get the things done that the other idiots you work with cannot do. hmmm. some level of incompleteness in all tasks must therefore figure in your schedule?

Hmmm...

I think that there is a BOFH at work here, or possibly a PFY... it's just not as obvious as it appears...

1. You have someone who for some reason isn't that well liked, possibly even the 'head' of IT. Just think about it.. he was being diciplined for 'poor performance at work'... let's face it, there isn't a manager born that actually knows what his IT department does. If someone knows that he is a poor performer (might coencide with being a nethack expert) you can bet your bum that it's because someone has been slipping words in the big boss' ear.

2. The entire system becomes locked, and there is only 1 person who could have locked it down (or so it seems)...

3. That person, after he gets arrested, cooperates with the police and gives up the password(s), but for some reason or other, it (they?) don't seem to work anymore... he must be lying... surely?

4. The police seem to think that there might be someone else involved as well, but can't seem to prove anything...

5. I'm just surprised that this poor fellow hasn't became stuck in a lift yet.

I wouldn't be that surprised that after this guy gets porridge some clever pimply faced youth somehow manages to crack the password and gets a promotion to top it all off ;o)

Call him Terry Rist

Can't get the password voluntry? Charge him with being a terrorist, then the Yanks can legally torture him to make him talk. An orange jumpsuit, a plane ride to GITMO, a few goes at water boarding will make him spit out the pword.

That is why torture is legal, right, your are always garunteed to get all the "intelligence" you needed? It is 100% reliable?

Snooping around

If you Google "San Francisco FiberWAN" and pore through the first 9-10 pages, you find a pdf for a feasibility study done in early 2007. What's interesting is in the middle of the 200 page document, one finds a discussion of the FiberWAN system.

Briefly, here's what it appears to be. S.F. has had fiber cable laid to many of it's outlying offices, to connect them to the datacenter. At the core of everything in the datacenter are several huge Cisco Catalyst 6500s, a SAN or two to hold most of the critical data, and connections to most if not all of the servers. So it seems like this is more than a WAN, it looks like it includes the datacenter LAN as well.

If Childs has locked out everybody from even seeing the router configs, and has also locked down or destroyed any and all backups thereof, somebody is in a heap o' trouble.

You can't just reconstruct all those VLAN (etc.) definitions from looking at what box is connected to what switch port.

(Disclaimer: I'm a software guy, I don't do wires, but this looks really icky).

Can you say: “Scapegoat”?

I’m betting some VIP stepped on the fiber and kinked it.

I’ve yet to see a local government that didn’t treat their IT department like a redheaded stepchild and it would be no wonder the thing collapsed. I’m just counting the days until it happens where I work.

@ Damian Wheeler

@ Damian Wheeler said: It isn't terribly clear in what way he was a poor performer, or was it that someone objected to his salary?

HE was probably the one who objected to his salary. He wasn't getting paid anywhere near as much as many of the police and firemen in San Francisco. Where else can a policeman make $180,000 a year with overtime, then retire with his pension based on the last full year's pay, including overtime... at age 50.

Re: Sysadmin is an ironic position

Similarly a manager's job (should) be like that too: they don't exist because all the result of them should be, for the worker, that there are no problems. It should be only when the manager isn't there you notice what they did.

Unfortunately, that isn't all that impressive a job (and it's the squeaky wheel that gets the grease), so most managers become PHB-like and ensure EVERYONE knows they are there. Politicians do the same thing (pass laws because that's all that people can see them do, so they do it).

Problem is that the more management above you, the more, as AC pointed out, your PBH will find work for you to do.

FUBAR from the start

I mean, seriously, they figured out that this guy had done some nice empire-building, and nobody thought "Hey, let's get a warrant and put a couple taps in and capture his passwords, hm?" Sounds like a combination of a child named Childs and Law Enforcement Amateur Hour. Morons abound!

Isn't it the one

I'll hire the guy

Send for the thumbscrews

Sounds like Homeland Security's wet dream. Remember the hypothetical scenario that experts told us "never happens" - the "ticking bomb" that must be "diffused" as the media people have taken to saying? Well this may be as close as we have got yet.

Let's see how long it takes them to get him on a waterboard. But what if he's actually forgotten the password?

"the system, which is up and running but inaccessible"

"Meanwhile his former bosses were unable to access San Francisco's new multimillion-dollar FiberWAN"

So, at the start the system was inaccessible. It didn't say it was down. So what has changed?

What they are saying is "We haven't done jack shit".

BTW, I agree that this BOFH was probably set up by his PFY, who will now receive a promotion, a huge pay rise, and exclusive access to the cattle prod. Meanwhile, BOFH gets time in the slammer to plot his revenge...

I also agree that it was probably triggered by the lack of a BOFH article this week. I nearly flipped out from withdrawal myself. Shame on you Simon, causing so much damage!